State table reorganisation
About the PF state table

State entries contain 
Connection identifier (af, src ip, dst ip, src port, dst port)
Connection Tracking
Actions
Links to other internal structures

Indexed in red-black trees
Used to be more like a forest:
A RB tree for interface, interface group, and "floating" states.
"floating" is the default, but searching needs to happen from most specific to least specific.
So basically 3 tree searches per state lookup